As we recently noted, more than 40% of the 2.5 million comments filed with the FCC on net neutrality are entirely fake. The comments, which oppose net neutrality, have been posted using a bot that’s pulling the names used from a hacked database of some kind. When the people that own the actual names behind these comments have been contacted by the media, many have stated they didn’t make the comments, and/or have no idea what net neutrality even is.

In an ideal world, the FCC would easily parse out these obviously fraudulent, duplicate comments and shore up the abuse of its API. But because these comments support the current FCC’s belief that meaningful net neutrality protections are somehow an assault on “American freedom,” the FCC appears poised to completely disregard the fact that a malicious actor is manipulating the FCC’s systems. The FCC isn’t candidly admitting this, but FCC boss Ajit Pai’s non-statements and statements alike so far indicate he’s inclined to include the obviously fraudulent comments:

“The FCC didn’t respond to repeated requests to specifically say whether it would filter out the astroturfed comments. Speaking to reporters after announcing a step toward rolling back existing net neutrality protections, FCC Chair Ajit Pai admitted “a tension between having an open process where it’s easy to comment and preventing questionable comments from being filed.”
“Generally speaking, this agency has erred on the side of openness,” he said.”

When pushed, FCC officials have said they’ll purge comments made under obviously phony names, but isn’t willing to comment further on the obvious blind eye to manipulation of the comment system:

“Pai said the agency wouldn’t consider comments with obviously fake names, like Wonder Woman and Joseph Stalin, but declined to go further. Reached for comment after Pai’s statement, an FCC official declined to comment specifically on astroturfed comments.
“You heard his answer on erring on the side of inclusion,” the official said.

And again, the FCC is turning a blind eye to this fraudulent behavior because actual humans overwhelmingly oppose what Pai and friends are up to. Recent analysis of the comments made so far to the FCC indicate the vast, vast majority of consumers — across all political ideologies — don’t want the agency gutting meaningful oversight of the already uncompetitive broadband sector. That could be problematic later this year, when Pai faces inevitable lawsuits over his rush to kill the protections despite no corresponding market necessity, and the broad public support for the rules.

Back in 2015, Wikimedia’s lawsuit against the NSA — filed with several other plaintiffs and with the help of the ACLU — was tossed out by the district court. Wikimedia argued it was illegally the subject of NSA upstream surveillance, thanks to the nature of this Section 702 collection. Wikimedia’s reach is global, making it highly likely the NSA was gathering its content and communications while snagging data off internet backbones.

To further demonstrate the probability of this happening, Wikipedia submitted leaked Snowden documents, including an NSA presentation slide that contained Wikimedia’s logo.

>

No dice. The district court said Wikimedia had no standing to pursue these claims, even with the unexpected buttress of leaked NSA documents. The court went even further, disabusing Wikipedia of its “99.9999999999% certainty” notion that the NSA had illegally harvested at least one of its trillions of internet transactions. In all, it was a very ugly day for Wikimedia and its lawsuit.

Fortunately, for Wikimedia, its lawsuit has been revived on appeal. The Fourth Circuit Appeals Court is far more amenable to Wikimedia’s claims, finding them to be more credible than the lower court determined. From the opinion [PDF]:

[A]t least at this stage of the litigation, Wikimedia has standing to sue for a violation of the Fourth Amendment. And, because Wikimedia has self-censored its speech and sometimes forgone electronic communications in response to Upstream surveillance, it also has standing to sue for a violation of the First Amendment.

The court doesn’t necessarily treat all of Wikimedia’s allegations as true, but finds it has handed over enough background evidence to give it standing to pursue its First and Fourth Amendment claims.

But this revival is limited to Wikimedia and only some of its claims. The seven other plaintiffs aren’t invited to the next district court round. A lack of produced evidence appears to have killed off the “dragnet” claims raised by the plaintiffs (which includes Wikimedia). The other defendants have a much smaller web footprint, making it less plausible their communications were subjected to upstream collection by the NSA. The only way those claims would be plausible is if the court found the “dragnet” assertions plausible… which it doesn’t.

The Dragnet and Wikimedia Allegations share much in common. Because each alleges the same particularized and ongoing cognizable injuries, our analysis of the injury-in-fact, traceability, and redressability elements of Article III standing with respect to the Wikimedia Allegation also applies here. But there’s a key difference in the scope of the two allegations. In the Dragnet Allegation, Plaintiffs must plausibly establish that the NSA is intercepting “substantially all” text-based communications entering and leaving the United States, whereas it’s sufficient for purposes of the Wikimedia Allegation to show that the NSA is conducting Upstream surveillance on a single backbone link. Because Plaintiffs don’t assert enough facts about Upstream’s operational scope to plausibly allege a dragnet, they have no Article III standing.

The difference between the two claims is one of numbers. Wikimedia only had to show its traffic traveled across enough internet backbones to plausibly claim harvesting from any one of them would result in interception of its communications. The “dragnet” argument claims the NSA is harvesting almost everything that travels across multiple backbones. The majority finds this assertion unlikely. The dissent, however, says the same arguments Wikimedia put forth to demonstrate the probability of illegally-intercepted communications lend credence to the “dragnet” argument simply because that’s how internet traffic works.

Plaintiffs have plausibly alleged that the NSA surveils most backbone links because — based on the technical rules governing internet communications — the agency cannot know which link the communications it targets will traverse when they enter or leave the United States. The path that packets take along the internet backbone is determined dynamically based on unpredictable conditions. Thus, a communication sent by a surveillance target can enter the United States through one backbone link, but an immediate response returned to the surveillance target can traverse a different backbone link. Similarly, communications sent by a surveillance target at different times or locations can traverse different backbone links. Given this technical limitation, the government’s disclosure that the NSA seeks to “comprehensively acquire communications that are sent to or from its targets,” J.A. 49, renders Plaintiffs’ allegation plausible. If the NSA cannot know which backbone link its targets’ internet communications will traverse, then the only way it can comprehensively acquire its targets’ communications is by surveilling virtually every backbone link.

It’s a good point but it’s not enough to save the rest of the plaintiffs, which include the National Association of Criminal Defense Lawyers, Human Rights Watch, and Amnesty International. Perhaps a further examination of Wikimedia’s arguments by the lower court will aid these plaintiffs in their future legal endeavors.

By now, Tinder is probably in the common lexicon. The dating app has been fairly successful, boasting something like 50 million people using it and managing to make something like 12 million matches per day. It’s a household name, in other words, which is what makes it a bit strange to see the company bother to oppose a fairly silly trademark application by one guy who designed a dating app to get dating matches for exactly one person: himself.

Shed Simove called the app Shinder and said he built it to find himself a partner. However, when he tried to trademark it, a Notice of Threatened Opposition was filed to the Intellectual Property Office by dating giant Tinder.

“I think it’s a case of a big corporate giant looking at an entrepreneur who sees the world differently and being punitive,” he said. “It’s unlikely that the female population will stop using Tinder and start using Shinder.”

To be clear, the attempt to trademark “Shinder” itself is silly. The app was created by Shed Simove for the sole purpose of getting himself a date. He’s the only dude on the roster. While the app attempts to recruit women to use it, he’s the only option for them. It would be kind of funny, if it weren’t so creepy. The attempt to trademark Shinder, according to Simove, was done because he’s thought about white-labeling the app for any individual to use. And yes, this is every bit as dumb and probably not trademarkable as it sounds.

“If it was ‘white label ‘ - that would mean if I chose to I could take the raw guts of the code and allow people to have their own versions. Jane could have Jinder, and so on.”

Jinder? Please. The whole point of trademark law is to keep customers from being confused between products and services. There is a roughly zero chance that anyone is going to mistake Tinder, megalith in the dating app world as it is, for Shinder, an app used by almost nobody created by one guy to get himself a date. Why Tinder is even bothering with this is beyond me.

Although, because every funny story needs an even funnier punchline, Tinder was not the only one concerned.

He also received a letter from lawyers representing the elevator firm Schindler. Schindler asked him to commit to refraining from entering the elevator or escalator market.

If trademark law has gotten to this point, is it time we contemplate whether it’s serving its purpose any longer?

It appears that a vendor working for Comcast sent a totally bullshit cease-and-desist letter regarding a pro-net neutrality site: Comcastroturf.com, created by our friends over at Fight for the Future. The Comcastroturf website was set up as a tool to see if someone filed bogus FCC comments in your name. As you probably recall, there is a bot that has been flooding the FCC comment site with bogus anti-net neutrality comments, filed in alphabetical order. Reporters contacted some of the individuals whose names appear on these comments, and they had no idea what it was about. People are still trying to track down who is actually responsible for the bogus comments, but Fight for the Future set up this neat site to let you check if your name was used by whoever is behind it.

And, of course, the name “Comcastroturf” is pretty damn clever, given the topic. Kudos to Fight for the Future for coming up with that one. It is, of course, totally legal to use the domain name of a company that you’re protesting in your own domain. There are numerous cases on this issue, normally discussed as the so-called “Sucks Sites.” There’s clearly no legal issue with Comcastroturf, and any reasonably informed human being would know that. Unfortunately, it would appear that Comcast hired a company that employs some non-reasonably informed humans.

The cease-and-desist letter was sent by a company called “Looking Glass Cyber Solutions” (no, really), which used to be called “Cyveillance” (only marginally less bad). We’ve written about Cyveillance twice before — and both times they were about totally bogus takedown requests from Cyveillance that caused serious problems. The most recent was the time that Cyveillance, working for Qualcomm, filed a bogus DMCA notice that took down Qualcomm’s own Github repository. Nice move. The earlier story, however was in 2013, and involved Cyveillance — again representing Comcast — sending a threatening takedown demand to some more of our friends over at TorrentFreak, claiming (ridiculously) that public court filings were Comcast’s copyright-covered material, and threatening serious legal consequences if it wasn’t taken down. Eventually, Comcast stepped in and admitted the cease-and-desist was “sent in error.” You’d think that maybe this would have caused Comcast to think twice about using Cyveillance for such things. But, nope.

Of course, there’s no way that Comcast would actually move forward with any legal action here. In fact, I’m pretty sure it already regrets the fact that the numbskulls at this vendor they hired to police their brand online just caused (yet another) massive headache for their brand online. Maybe, this time, Comcast will finally let Cyveillance/Looking Glass Cyber go, and find partners who don’t fuck up so badly. Meanwhile, the fact that Looking Glass Cyber can’t even figure out that Comcastroturf is a perfectly legal protest site makes the company’s website — which is chock full of idiotic buzzwords about “threat mitigation” and “threat intelligence” — look that much more ridiculous. The only “threat” here is Looking Glass/Cyveillance and their silly cluelessness sending out censorious threats based on what appears to be little actual research.

Of course, without true net neutrality, if Comcast really wanted to silence Comcastroturf, it would just block everyone from accessing the site…

Everyone’s favorite abusable statute is back at it. Anyone can file a DMCA takedown request. Not everyone gets theirs granted. But it’s a zero-cost, mostly-zero risk effort that takes about five minutes from start to finish. It’s no wonder it’s been abused by a handful of ex-cons and, very memorably, by a revenge porn purveyor who suddenly developed concerns about personal privacy.

In this case, it’s someone named in an Albuquerque Journal article about a federal fraud indictment. The most obvious pick would be the couple named early on in the article by Nicole Perez: Michael Jacobs and/or Ruth Handler-Jacobs. But there are others listed as well, co-conspirators Rienzie Edwards (of Sri Lanka), F.K. Ho (a broker located in Singapore), and a couple of other Americans, Laurence Lester and Rachel Gendrau.

It could be any one of these people (though the fractured English in the takedown request would seem to point overseas), but there’s no way to know for sure because the DMCA notice is clearly falsely filed in the name of the journalist who wrote the article. This appropriation of someone else’s name and profession leads to one of the most unlikely claims ever made in a DMCA notice: that journalists refer to publishing articles as “posting a content.”

Here’s the whole BS claim:

I am Nicole Perez. I posted a content about Michael Jacobs’s fraud cases on abqjournal.com. I personally investigated that my original content is copied and posted on different websites. I contacted the webmaster team of the websites to remove it, but did not get any positive response. I request you to remove it from online searches.

It’s extremely likely none of what’s said here is true, starting with the name used. I find it incredibly hard to believe someone impersonating a journalist “contacted webmasters” to have these articles removed. (The lack of positive response is the only believable part, but that relies on the original contact taking place.) It’s even harder to believe when one of the websites is the Albuquerque Journal’s Facebook page.

Others targeted include Ripoff Report, Courthouse News Service, and Sri Lankan news site The Sunday Times. The inclusion of this site shifts the needle of blame towards Reinzie Edwards. This story includes a photo of Edwards as well as details of his run-ins with local authorities over apparent financial fraud.

Again, nothing can be said conclusively about the origin of this DMCA notice, other than it obviously wasn’t Nicole Perez, who would likely prefer her “content” to be spread as far as possible across the internet. The people written about, not so much. When you’re already facing federal fraud charges, what’s a little perjury?

Over the last year, we’ve noted the surge in so-called “right to repair” laws, which would make it easier for consumers to repair their electronics and find replacement parts and tools. It’s a direct response to the rising attempts by companies like John Deere, Apple, Microsoft and Sony to monopolize repair, hamstringing consumer rights over products consumers think they own, while driving up the cost of said product ownership. John Deere’s draconian lockdown on its tractor firmware is a large part of the reason these efforts have gained steam over the last few months in states like Nebraska.

In New York, one of the first attempts at such a law (the “Fair Repair Act”) has finally been making progress. But according to New York State’s Joint Commission on Public Ethics, Apple, Verizon, Toyota, Lexmark, Caterpillar, Asurion, and Medtronic have all been busy lobbying to kill the law for various, but ultimately similar, reasons. And they’re out-spending the consumer advocates and repair shops pushing for this legislation by a rather wide margin:

“The records show that companies and organizations lobbying against right to repair legislation spent $366,634 to retain lobbyists in the state between January and April of this year. Thus far, the Digital Right to Repair Coalition—which is generally made up of independent repair shops with several employees—is the only organization publicly lobbying for the legislation. It has spent $5,042 on the effort, according to the records.”

To be clear, the vast majority of the time, companies lobbying against this kind of legislation don’t like to even admit that they oppose it. But when they do go on the record, it usually features a trifecta of false claims that the bills will make users less safe, pose a cybersecurity risk, and open the door to cybersecurity theft. In Nebraska, for example, we’ve already noted how Apple claims that allowing people to repair and tinker with the hardware they own will somehow turn the state into a “mecca for bad actors and hackers,” and that letting consumers repair their own electronics would cause lithium batteries to catch fire.

Of course, the real reason Apple opposes this legislation is that it stands to lose significant repair revenue once people no longer have to drive half an hour to the nearest Apple Genius bar and support team. The same is true for game console makers Sony and Microsoft, who obviously would prefer it if you’re only able to use their significantly-more expensive repair programs. They’ll ignore the fact that this kind of behavior not only allows companies to charge an arm and a leg for what very well may be superficial repairs, but helps prop up closed, proprietary ecosystems, hurting customers in a myriad of other ways as well.

And while supporters of these right to repair bills are very candid about the benefits they think users will see, it’s telling that the companies lobbying against these rules refuse to comment whatsoever on their opposition, and when they are willing to talk can only trot out a parade of theoretical horribles that don’t really make coherent sense.

From the basics to more advanced techniques, the $39 Ethical Hacking A to Z Bundle
leaves no stone unturned as you explore the complex world of ethical hacking. Over 8 courses with 45+ hours of instruction, explore passive and active reconnaissance, scanning and enumeration, network mapping, and more.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

As information about police use of cell tower spoofers began leaking out, those who had kept the public (including defendants, judges, and even some prosecutors) out of the loop began defending their use of domesticated military technology. They said pay no attention to the possible civil liberties violations. Just think of all the good they’re doing. They promised Stingrays would only be used on the worst of the worst, and only when time was of the essence: terrorists, murderers, kidnappers, etc.

But then even more Stingray documents made their way into the public domain. These showed the devices were deployed in bog-standard drug investigations or, worse, used just because agencies had them. This perhaps reached its nadir when a police department fired up its Stingray to hunt down someone who had stolen less than $60 worth of fast food. To make matters worse, the Stingray failed to track down the alleged thief.

Of course, anyone paying attention knew Stingrays would be used for nothing of importance, despite public officials’ statements otherwise. The first person to start digging into Stingray use was Daniel Rigmaiden, who was doing time for fraud. Not exactly the sort of crime one would associate with exigent circumstances and possible danger to the public.

And, of course, because it’s now the government’s foremost priority to toss undocumented immigrants out of the country, Stingrays are being used to accomplish this goal. And, just like the defensive statements made on behalf of IMSI catchers, the federal government has claimed it’s only interested in removing the most dangerous of undocumented individuals first. These statements are also false.

Federal officials in Detroit used a secretive tool known as a “Stingray” — which tricks cell phones into revealing their location — to find an undocumented man for deportation.

The cell-site simulator has been used in the past by federal and local law enforcement to find murder suspects, kidnap victims, drug dealers and terrorists — but sometime in March, FBI and ICE officials used it to find a 23-year-old native of El Salvador to deport him.

The alleged criminal act being used as leverage — both for the Stingray deployment and the use of ICE’s “eject” button — is a long ways from the Parade of Horribles used to justify the acquisition and use of cell tower spoofers.

According to the warrant, Carcamo-Carranza was deported in 2012 and 2015 to El Salvador, but returned to the US.

In Feb. 28, 2016, he was arrested in Shelby Township, Michigan, on suspicion of hit-and-run, but was released by local police before he was detained by ICE agent.

Also of note: ICE used a warrant to pry loose this phone number, serving one to Facebook which gave it access to Carranza’s private messages. Just throwing that in there to add a bit more skepticism for the “Going Dark” theory. A phone that might be locked isn’t the end of the line for investigators, no matter how loudly law enforcement officials sigh during press conferences while gesturing ineffectively at a pile of seized devices.

As we always knew would happen, Stingray technology would soon shift from its more limited, “higher cause” deployment into just another tool for rote policework.

Apparently, giant broadband providers don’t much want to put their sudden, mysterious love of net neutrality into writing. Last week, the FCC voted to begin killing net neutrality, opening the door to a 90-day comment period ahead of a broader rule-killing vote later this year. In the wake of the move, the same large ISPs that have spent a decade trying to kill meaningful regulatory oversight comically went out of their way to (falsely) claim that the killing of the rules doesn’t mean all that much — because these duopolies love net neutrality so much any hard rules simply aren’t necessary.

Verizon went so far as to publish a violently misleading video claiming that net neutrality isn’t dying and large ISPs aren’t trying to kill it. Comcast’s top lobbyist David Cohen penned a blog post claiming that the FCC was only trying to “protect the open internet” from “dangerous and inappropriate Title II.” And the day before the FCC voted to begin killing the rules, the cable industry’s biggest lobbying organization (the NCTA) took out a full-page ad in the Washington Post, pledging the cable industry’s “commitment to an open internet”:

Over in a corresponding blog post, the NCTA pushed a load of disingenuous prattle insisting that the cable industry will remain on its best behavior after the current FCC gets done dismantling all manner of consumer protections (net neutrality is only one small part of what the agency is up to):

“The cable industry is proud to be America’s largest residential broadband internet provider and we’ve always embraced and delivered a truly open internet experience to consumers. Why? Because it’s what consumers demand and what makes our business grow and thrive. It’s really that simple…No matter what happens with this new FCC proceeding or whatever regulatory model comes next, we will continue to provide an open internet experience for our customers, and we remain willing to work with all parties on ways to promote internet freedom and continued technological progress.”

The Consumerist amusingly reached out to each of the NCTA’s 24 cable company members to see if they’d be willing to sign a contract putting their adoration of the open internet into some kind of bonding contract with consumers. Three companies were unreachable, fourteen companies never wrote or called back, and only one company was willing to provide a statement; a complete and total non-answer from Cox Communications:

“Cox has always been committed to providing an open Internet experience for our customers and reversing the classification of Internet services will not change our commitment,” a representative for the company told Consumerist. “We do not block, throttle or otherwise interfere with consumers’ desire to go where they want on the Internet. A stated pledge like that in our contracts with customers is something we are looking into as the debate continues.”

In other words, of the twenty-four cable companies claiming to breathlessly adore net neutrality, not one of them was willing to put that adoration into writing. That’s because there’s one reason these companies are pushing to gut these protections and put all telecom oversight in the hands of an overextended and ill-suited FTC: so nobody can stop them from finding creative ways to abuse the lack of last-mile broadband competition. Anything else is pretense.